Audits performed by us
19
High & critical vulns uncovered
5
Relationship started
2020
Audits performed by us
4
High & critical vulns uncovered
3
Relationship started
2020
Audits performed by us
2
High & critical vulns uncovered
1
Relationship started
2020
Data collected as of December 31st, 2023
Our team secures leading decentralized exchanges and aggregators.
Read the reportsEngaging with various platforms including AMMs like Bancor V3 and Balancer, the UniswapX order settlement protocol, the Beefy swap router, and the Panoptic options trading platform, which leverages Uniswap V3 liquidity positions, demonstrating our proficiency in V3 concentrated liquidity mathematics. Furthermore, we've completed over 13 audits for 1inch, the premier DEX aggregator.
Audits performed by us
16
High & critical vulns uncovered
9
Relationship started
2022
Audits performed by us
5
High & critical vulns uncovered
34
Audits performed by us
10
High & critical vulns uncovered
14
Relationship started
2023
Data collected as of December 31st, 2023
We secure L1-L2 bridges, ZK-verifier contracts, and optimistic rollups.
Read the reportsWe've identified critical vulnerabilities across a range of areas, including fraud-proof verification, cross-domain transactions, fee mismanagement, and reward system abuses.
Notably, critical issues were discovered in the Linea ZK-verifier, the Scroll message-passing bridge, among other ZK-rollups.
Audits performed by us
44
High & critical vulns uncovered
19
Relationship started
2019
Audits performed by us
3
High & critical vulns uncovered
Relationship started
2019
Audits performed by us
2
High & critical vulns uncovered
2
Relationship started
2023
Data collected as of December 31st, 2023
We are the key security partner for leading lending protocols like Compound, Radiant, Venus, and Morpho Blue.
Read the reportsOur researchers have identified several critical vulnerabilities in lending protocols with billions in TVL, including potential bad debt creation in AAVE V3 and stolen rewards in Radiant V2. Serving as Compound's main security partner, we’ve helped establish them as one of the safest platforms in the space.
High & critical vulns uncovered
17
Relationship started
2020
Audits performed by us
1
High & critical vulns uncovered
Relationship started
2022
Data collected as of December 31st, 2023
Our team expertise extends across the most sophisticated Oracle systems.
Read the reportsThese include Chainlink and UMA Protocol, and Oracle-dependent components used by platforms like Compound and Synthetix Oracle manager, which utilize Pyth, Chainlink, and Uniswap V3 TWAP oracles. As UMA's primary security partner, we've conducted over 10 audits, revealing critical vulnerabilities in its optimistic verification system and cross-chain components. Additionally, we've identified high-severity issues in Polymarket's integration with UMA.
Audits performed by us
3
High & critical vulns uncovered
7
Relationship started
2022
Audits performed by us
1
High & critical vulns uncovered
Relationship started
2024
Data collected as of December 31st, 2023
Our first-hand experience auditing multiple Account-Abstraction implementations positions us as leaders in Account Abstraction security.
Read the reportsWe worked with the Ethereum Foundation on three audits of Account Abstraction’s EIP-4337, identifying over seven high+ severity issues, enhancing Ethereum protocol’s security. Our discoveries encompassed deposit record manipulations, incorrect gas calculations, and invalid aggregated signature verifications, among others. We also audited Pimlico’s ERC20 token paymaster implementation, allowing users to pay transactions in any ERC20. During this audit, our researchers dived deep into the ERC 4337 paymaster reputation rules.
Audits performed by us
9
High & critical vulns uncovered
12
Relationship started
2021
Audits performed by us
2
High & critical vulns uncovered
Relationship started
2023
Data collected as of December 31st, 2023
We are the security partner for the leading stablecoins.
Read the reportsBack in 2018, we audited Tether, the most used stablecoin in the world. In 2019, our team found a live critical vulnerability affecting MakerDao, the issuer of DAI. Today, we are Origin’s main security partner, performing over 7 audits including the Origin dollar, a yield-bearing decentralized stablecoin. During our engagement with Origin, we added value through multiple findings, including critical findings that would have resulted in yield theft. We also secure Mountain Protocol, issuers of USDM, a yield-bearing rebasing stablecoin backed by T-Bills.
Audits performed by us
2
High & critical vulns uncovered
Relationship started
2022
Data collected as of December 31st, 2023
Financial Institutions entering the blockchain space face unique challenges regarding security, compliance, and operations.
Read the reportsWe partner with leading financial institutions across North America, Latin America, Europe, and Asia as their trusted blockchain advisors. We also audited and provided operational infrastructure for the issuance of the A$DC Australian Dollar stablecoin by the ANZ Bank.
Audits performed by us
11
High & critical vulns uncovered
13
Relationship started
2023
Audits performed by us
4
High & critical vulns uncovered
2
Relationship started
2021
Data collected as of December 31st, 2023
We secure the leading Gaming and NFT protocols.
We are the authors of the world’s most widely used implementation of ERC721, used by the most popular protocols working with NFTs.
Our work in NFTs encompasses audits for some of the most widely known issuers and exchanges, including Yuga Labs, creators of BAYC, and OpenSea.
In the gaming space, we are The Sandbox’s security partner, performing over 15 audits to their protocol. Other gaming experience includes Decentraland’s MANA token as well as the PoolTogether protocol, finding critical issues that prevented loss of funds due to user duplication in their prize pools.